AMI Backups and Retention using AWS Lambda
Hello folks. It has been a long time since I have posted anything. I was heavily involved in some projects and whatnot. Maybe it could be due to lack of motivation too :-P. (Will do something about this too.)
Anyhow, this post will help you with one of the top features required in any AWS account.
AMI Backups and Retentions
Normally, we would launch a separate server and put our scripts there on cron. However, this will be serverless and we’ll be using AWS Lambda to achieve this.
NOTE: AMI names, instance names and Name tags must be between 3 and 128 characters long and may contain only letters, numbers, (, ), ., -, / and _. Names that break this rule will cause the Lambda function to fail.
Here, we are using 2 AWS Lambda functions viz., createAMI and deleteAMI, which will create AMIs and delete AMIs, respectively. Both these functions are explained in detail below. Please note that both the lambda functions cover all the regions.
createAMI
Table of details:
| Index | Value | 
|---|---|
| Name of the Lambda Function | createAMI | 
| Timeout | 5 min | 
| Role Permissions | ec2:* | 
| Runtime | python2.7 | 
| File Name | createAMI.py | 
| Schedule | rate(5 minutes) | 
Documentation:
The Lambda function makes use of tags on EC2 instances, which provide all the information required to create an AMI. The table below explains the tags required.
| Tag Name | Format | Default Value | Mandatory Tag | 
|---|---|---|---|
| AMIBackup | Yes/No | No | Yes | 
| AMITime | HH:MM | 15:00 | Yes | 
| Reboot | Yes/No | No | No | 
| Retention | Whole Number | 7 | No | 
In the above table:
- AMIBackup: It is used to specify which Instance has to be backed up.
- AMITime: It is used to specify the time in UTC when the AMI has to be created.
- Reboot: It is used to specify if the instance has to be rebooted when creating the AMI.
- Retention: It is used to specify the AMI retention period in days.
deleteAMI
Table of details:
| Name | Value | 
|---|---|
| Name of the Lambda Function | deleteAMI | 
| Timeout | 5 min | 
| Role Permissions | ec2:* | 
| Runtime | python2.7 | 
| File Name | deleteAMI.py | 
| Schedule | cron(00 15 * * ? *) | 
Documentation:
The Lambda function makes use of tags on EC2 instances, which provide all the information required to delete an AMI. The tags are copied from the instance to the AMI by the createAMI function. The table below explains the tags required.
| Tag Name | Format | Default Value | 
|---|---|---|
| AMIBackup | Yes/No | Copied from Instance | 
| AMITime | HH:MM | Copied from Instance | 
| Reboot | Yes/No | Copied from Instance | 
| Retention | Whole Number | Copied from Instance | 
In the above table(s):
- AMIBackup: It is used to specify which Instance has to be backed up. deleteAMI will only get triggered if this tag is present with the value Yes.
- AMITime: It is used to specify the time when the AMI has to be created.
- Reboot: It is used to specify if the instance has to be rebooted when creating the AMI.
- Retention: It is used to specify the AMI retention period in days.
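The tag contract from both tables, as an added example that is not the code from the author's repository: it applies the documented defaults, enforces the naming rule from the NOTE, and decides whether an instance is due in the current 5-minute run. The function names, the window-matching logic and the `delete_after` field are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta

# Defaults from the createAMI tag table.
DEFAULTS = {"AMIBackup": "No", "AMITime": "15:00", "Reboot": "No", "Retention": "7"}
# Naming rule from the NOTE: 3-128 chars from letters, digits, ( ) . - / _
NAME_RE = re.compile(r"[A-Za-z0-9().\-/_]{3,128}")
TIME_RE = re.compile(r"([01][0-9]|2[0-3]):([0-5][0-9])")


def resolve_tags(ec2_tags):
    """Overlay an EC2-style tag list ([{'Key': .., 'Value': ..}]) on the defaults."""
    tags = dict(DEFAULTS)
    tags.update({t["Key"]: t["Value"] for t in ec2_tags if t["Key"] in DEFAULTS})
    return tags


def backup_plan(name, ec2_tags, now, window_minutes=5):
    """Return what to do for one instance at naive-UTC `now`, or None to skip.

    Raises ValueError for input that would make the AMI call or cleanup fail.
    """
    tags = resolve_tags(ec2_tags)
    if tags["AMIBackup"] != "Yes":
        return None
    if not NAME_RE.fullmatch(name):
        raise ValueError("name violates the naming rule: %r" % name)
    m = TIME_RE.fullmatch(tags["AMITime"])
    if not m:
        raise ValueError("AMITime must be HH:MM: %r" % tags["AMITime"])
    if not re.fullmatch(r"[0-9]+", tags["Retention"]):
        raise ValueError("Retention must be a whole number: %r" % tags["Retention"])
    scheduled = now.replace(hour=int(m.group(1)), minute=int(m.group(2)),
                            second=0, microsecond=0)
    # Seconds since the scheduled time, wrapped so 23:58 is still caught at 00:01.
    elapsed = (now - scheduled).total_seconds() % 86400
    if elapsed >= window_minutes * 60:
        return None
    expires = (now + timedelta(days=int(tags["Retention"]))).date()
    return {"reboot": tags["Reboot"] == "Yes", "delete_after": expires.isoformat()}


# Constructed sample: tagged instance checked by the 00:01 UTC run.
sample = [{"Key": "AMIBackup", "Value": "Yes"}, {"Key": "AMITime", "Value": "23:58"},
          {"Key": "Retention", "Value": "3"}]
print(backup_plan("web-01", sample, datetime(2024, 1, 1, 0, 1)))
```

Validating the tags before calling the EC2 API turns a malformed tag into a clear error for one instance instead of a failed run across every region.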
Both scripts are available on GitHub (HERE).
Thanks for your time. Comments are welcome.
